I'm working on a script to show differences between config files on a system and those provided in the original package. I have pretty much all of it working, except for using apt to download packages without being root. Is there a simple way to do this?

Edit: I've looked into the 'hacky' wget scripting type options, but the main issue I have is how you would determine which repo to attempt to get the package from. It's not included in any apt-cache output that I can see.

Can I ask the purpose behind this solution? Is it for security or a type of pseudo version control? If the latter is the goal have you considered something like puppet or cfengine? Based on some of your answers below I would guess some sort of consulting audits.
–
Geek404Aug 22 '09 at 7:29

There's no specific purpose, just the result of a converation I had last week, with a "hey, a script like that could be pretty handy" moment.
–
theotherreceiveAug 22 '09 at 19:18

You could set up passwordless sudo for aptitude --download-only? Or you could parse the output of various apt commands and manually download the file from there. There are 3rd party libraries for dealing with libapt, like python-apt

I want it to be fairly portable, and especially since it doesn't need to do any root stuff i wouldn't want to give it sudo access. Hacky parsing is something i'll consider, but i'd rather find a better way if possible.
–
theotherreceiveAug 18 '09 at 15:28

In the second form, dget downloads a binary package (i.e., a .deb file) from the Debian mirror configured in /etc/apt/sources.list(.d). Unlike apt-get install -d, it does not require root privileges, writes to the current directory, and does not download dependencies.

The problem with wget is that the script would have to work out the url of the package, which was one of the options Rory suggested. I'd like to avoid this approach if possible. There's no requirement to install the packages, I'd be most likely deleting them once they'd been diff'd.
–
theotherreceiveAug 18 '09 at 16:26

The locations of the repositories are in /etc/apt/sources.list and /etc/apt/sources.list.d/* so you could use those to work out the list of repositories. Then try all of them with wget for the location of the package. It is brute force but would work.